IP Filtering Configuration Worksheets
B-6
8000-A2-GB21-30April 1998
IP Filter Configuration A-E-C
Prompt Your Configuration Setting
4. Depending on the rule type (or
combination of rule types) you want to
define, do one or more of the following:
– To define a
network address rule
type
, specify either an IP address or
subnet mask in the Source
Address and Source Address
mask fields, or the Destination
Address and Destination
Address mask fields.
– To define a
host address rule type
,
specify either an IP address or
subnet mask in the Source
Address and Source Address
mask fields, or the Destination
Address and Destination
Address mask fields.
– To define a
socket address rule
type
, specify the source (socket)
port number at the Source Port
No. field and the destination
(socket) port number at the
Destination Port No. field.
This rule type may be used in
conjunction with a network address
or host address rule type.
NOTE: Host address rules have
precedence over network address
rules. All host address rules will be
invoked sequentially before the first
network address rule.
If defining a socket address rule
type, you must also specify the
comparison type you want to
perform in the Comparison Type
field. Enter IGNORE if you do not
want to do a comparison, or one of
the following to do a comparison on
the port number specified in the
packet and the rule: EQ (equal to),
NEQ (not equal to), GT (greater
than), LT (less than), IN_RANGE
(within the specified range),
OUT_RANGE (outside of the
specified range).
For a description of these rule types,
see Chapter 7,
IP Filtering
.
Rule # ____
Source Address =
Source Address mask =
Source Port No. =
Comparison Type =
Destination Address =
Destination Address mask =
Destination Port No. =
Comparison Type =
5. Enter forward at the Filter
Action: prompt to activate filtering for
the specified filter name, or discard to
prevent packets that match the rule(s)
from passing through.
Filter Action =
